2854 matches found
security flaw
Signedness error in the copyfromreadbuf function in ntty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument...
security flaw
Integer overflow in sysepollwait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events...
security flaw
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file...
CVE-2005-1126
The SIOCGIFCONF ioctl ifconf function in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory...
CVE-2005-1126
CVE-2005-1126 is a kernel memory disclosure vulnerability tied to the SIOCGIFCONF (ifconf) path. In FreeBSD 4.x (4.0–4.11) and 5.x (5.0–5.4), the ifconf code may copy uninitialized kernel memory to user space because the buffer is not cleared before use, enabling local users to obtain portions of...
CVE-2005-1126
The SIOCGIFCONF ioctl ifconf function in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory...
FreeBSD ifconf() information leak
Buffer may contain a part of kernel memory...
Linux ext2 filesystem information leak
During directory creating random data from kernel memory are written to disk...
Information leak in the Linux kernel ext2 implementation
Description: Information leak in the Linux kernel ext2 implementation References: CAN-2005-0400 Authors: Mathieu Lafon [email protected] Romain Francoise [email protected] Arkoon Security Team Advisory - March 25, 2005 http://arkoon.net/advisories/ext2-make-empty-leak.txt Revision: 1.0 1...
CVE-2005-0867
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file...
CVE-2005-0736
Integer overflow in sysepollwait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events...
security flaw
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service crash and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores...
security flaw
Multiple integer signedness errors in the sgscsiioctl function in scsiioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copyfromuser and copytouser functions...
CVE-2005-0178
CVE-2005-0178 describes a race condition in the setsid() handling of the Linux kernel before 2.6.8.1. Local users could crash the kernel and potentially access portions of kernel memory related to TTY changes, locking, and semaphores. Affected software: Linux kernel versions prior to 2.6.8.1 (per...
CVE-2003-1062
CVE-2003-1062 affects Solaris SYSINFO(2) on SPARC 2.6–9 and x86 2.6,7,8. A local attacker can read kernel memory by exploiting a 0 variable count argument in sysinfo(2), where copyout uses a -1 argument (described as an integer underflow/overflow). The provided sources do not specify a patch vers...
CVE-2005-0180
CVE-2005-0180 involves multiple signedness errors in sg_scsi_ioctl (scsi_ioctl.c) of Linux 2.6.x. The flaw lets a local user read or modify kernel memory by passing negative integers to the ioctl, bypassing a maximum-length check before copy_from_user/copy_to_user. Connected advisories (e.g., Man...
CVE-2004-1151
Multiple buffer overflows in the 1 sys32nisyscall and 2 sys32vm86warning functions in sysia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges...
CVE-2004-0919
The syscons CONSSCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via 1 negative coordinates or 2 large coordinates...
Debian top - Format String
source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid kmem so that it may read process...
CVE-2004-1066
The CVE-2004-1066 issue affects FreeBSD’s procfs (procfs(5)) and linprocfs (linprocfs(5)) on FreeBSD 4.x/5.x. The vulnerability arises from dereferencing a processor argument vector without proper validation when reading /proc/curproc/cmdline (procfs) or /proc/self/cmdline (linprocfs). Impact is ...